The 1% Who Put the Entire Organization at Risk

The 1% Who Put the Entire Organization at Risk

A new study investigates the ways a small number of employees can unwittingly, for the most part, jeopardize the security integrity of an organization.

The Power of One Percent

1% of users are responsible for 57% of file ownership, 81% of files shared, 73% of excessively exposed files, and 62% of app installations.

Who Can Take You Down

The composition of the 1% of users includes super-privileged users, software architects and machine-based identities that grant access privileges and archival data.

Data Ownership in the Cloud

Digital assets in the cloud are owned disproportionately; the top 1% of users own 57% of these assets in the top 5% are responsible for 81% of these assets.

Distribution of Cloud Cybersecurity Risk

Here's the breakout of risk, calculated as a function of users' volume of usage, potentially risky behaviors and violations of corporate security policy: Top 1% of users create 75% of risk, Top 5% of users create 90% of risk, Remaining 95% of users account for 10% of risk

Exposure-Induced Risky Distribution

The majority of company assets exposed to everyone in the company and the public are created by just 5% of all users. In some cases users are malicious, but most are unaware that they are over-sharing company assets.

The Inheritance Rule

Documents become public unintentionally by "inheritance:" A drag and drop into a public folder, A collaborator makes their folder public without informing the rest of the team, A compromised third-party application changes the access control list of assets

Risk of Cloud Sharing/Collaboration Quantified

The Apps Risk Factor

Third-party applications exchange data with other cloud apps, including corporate, sanctioned applications. They often allow editing, deleting, and copying and externalize information. Cyber criminals frequently target these apps as entry points into the organization.

Third-Party Cloud Apps

1% of users are responsible for 62% of app installations. There are 91,000 unique third-party applications. On average, organizations have 540 unique third-party cloud applications, up from 130 in 2014.

Recommendations

Consider these risk remediation strategies: Focus on the riskiest subset of users, Focus security on organizations with which you collaborate the most, When checking third-party applications, check enforcement capabilities, policy-driven app control and end-user education, Correlate insight across cloud environments

Cyber-security risk is highly concentrated in the cloud, according to a new study, with 1% of users responsible for 75% of the risk. Furthermore, cyber-criminals continue to focus on what is widely considered the weakest link in the security chain: the user, the report revealed. The findings come from CloudLock, which combines U.S. and Israeli military intelligence with real-time, crowd-sourced cloud security insight. The study, "Q3 Cloud Security Report: The 1% Who Can Take down Your Organization," is based on CloudLock's analysis of 1 billion files per day of 10 million users. There were 91,000 unique apps and 2.8 million installs. "Cyber-attacks today target your users—not your infrastructure," said Gil Zimmermann, CEO and co-founder of CloudLock. "As technology leaders wake up to this new reality, security programs are being reengineered to focus where true risk lies: with the user. The best defense is to know what typical user behavior looks like—and, more importantly, what it doesn't."

Karen A. Frenkel writes about technology and innovation and lives in New York City.